<?php
	include('../include/db_connect.php');
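	/**
	 * Look up the HTTP Basic credentials of the current request in the USERNAME table.
	 *
	 * Only rows with admin = 1 and status = 'act' can match.
	 *
	 * @return mixed The matching row's idUSERNAME, or false when no credentials were
	 *               sent or no row matches.
	 */
	function inDB() {
		// Without both credential fields there is nothing to look up, so skip the database entirely.
		if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
			return false;
		}

		// NOTE(review): unsalted MD5 is not a password hash. It is kept here only because the
		// query compares against whatever the wachtwoord column already stores; moving to
		// password_hash()/password_verify() needs the stored values migrated at the same time.
		$password = md5($_SERVER['PHP_AUTH_PW']);

		// The user name comes straight from the Authorization header, so it must be escaped
		// before it is embedded in the statement. $password is a hex digest and needs no escaping.
		// NOTE(review): mysql_real_escape_string() uses the connection's character set - confirm
		// that the connection include sets it with mysql_set_charset() rather than "SET NAMES".
		$username = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);

		$queryL = "SELECT idUSERNAME, gebruikers_naam, wachtwoord FROM USERNAME
		           WHERE BINARY
		           gebruikers_naam='".$username."'
		           AND
		           wachtwoord='".$password."'
		           AND
		           admin = 1
		           AND
		           status='act'";

		$resL = mysql_query($queryL);
		if (!$resL) {
			// Keep driver errors (table and column names, query fragments) out of the response.
			error_log("inDB: login query failed: ".mysql_error());
			die("Query failed, please try again later.");
		}

		$usR = mysql_fetch_array($resL);
		if ($usR === false) {
			return false;
		}
		return $usR['idUSERNAME'];
	}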
	// Result of the credential lookup: the matching admin's idUSERNAME, or false when
	// inDB() found no matching row. The access check further down this file reads it.
	$usR = inDB();


?>
<style type="text/css">
/* Styles for the "no permission" notice that the 401 branch of this page prints. */
/* Notice container: centred horizontally, text centred. */
div#noPermission{
margin-left:auto;
margin-right:auto;
text-align:center;
}
/* Links inside the notice: black, no underline. */
#noPermission a{
text-decoration:none;
color: #000000;
}
/* Hovered links inside the notice turn red. */
#noPermission a:hover{
text-decoration:none;
color: #ff0000;
}
/* Image link: a 512x512 block-level anchor that shows icon_stop.png as its background. */
#noPermissionImage a{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #000000;
}
/* On hover the same box swaps to icon_stop2.png and a red text colour. */
#noPermissionImage a:hover{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop2.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #ff0000;
}

</style>
<?php
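// Access gate followed by the admin customer overview ("klantoverzicht").
// $usR is assigned earlier in this file from inDB(): the admin's id, or false.
//
// NOTE(review): a <style> block is emitted before this statement, so the header() calls
// in the 401 branch only take effect when output buffering is enabled - confirm, or move
// the authentication check above all output.
// NOTE(review): the mysql_* extension used here was removed in PHP 7. The connection is
// opened in an include that is not visible here, so a move to mysqli/PDO prepared
// statements has to start there. Until then every request value is cast, whitelisted or
// escaped for the context (SQL, URL, HTML) in which it is used.
if (!isset($_SERVER['PHP_AUTH_USER']) || $usR === false)
  {
    Header("WWW-Authenticate: Basic realm=\"Vul je gebruikersnaam en wachtwoord in\"");
    Header("HTTP/1.0 401 Unauthorized");
    echo '<div id="noPermission">';
	echo '<h1> U heeft geen authorisatie om hier te komen.</h1><br>';
	echo '<div id="noPermissionImage">';
	echo '<a href="../index.php"></a>';
	echo '</div>';
	echo '<h1> <a href="../index.php">Klik hierom terug te gaan naar de index site</a> </h1><br>';
	echo '</div>';

   }
	else
	  {
		include 'include/admin_header.php';
		include 'include/admin_menu.php';

		// Flags for htmlspecialchars(): escape both quote styles; where available, replace
		// invalid byte sequences instead of returning an empty string.
		// NOTE(review): the page charset is not visible here - pass it as the third
		// argument of htmlspecialchars() if it is not the PHP default.
		$escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

		// Search term exactly as received; it is escaped separately for each context below.
		$search = (isset($_GET['search']) && is_string($_GET['search'])) ? $_GET['search'] : "";

		// The page number is forced to an integer >= 1. It is later used in SQL (LIMIT) and
		// in links, and the integer cast also removes the unbounded counting loop that a
		// huge page value used to trigger.
		$page = (isset($_GET['page']) && is_scalar($_GET['page'])) ? (int) $_GET['page'] : 0;
		if ($page < 1) {
			// Opening the overview without a valid page must show page 1.
			$page = 1;
			if (!headers_sent()) {
				$target = "klantoverzicht.php?page=1";
				if (isset($_GET['search'])) {
					$target .= "&search=".urlencode($search);
				}
				header("Location: ".$target);
				// The redirect replaces this response; do not render the page a second time.
				exit;
			}
		}
		$_GET['page'] = $page;

		echo "<div id='main_content'>";
		echo "<div id='klantenoverzicht'>";
		$welcomeText = "<h2>Klantenoverzicht</h2><p>Dit is een testtekst! Leuk woord voor Scrabble! ".
		               "Dit is nog altijd een testtekst. Dit omdat het een testversie van het overzicht ".
                       "is, en dus niet de echte versie. Een test versie dus.</p>";
		$arrayTableHeaders = array("", "Klantnummer", "Voornaam", "Tussenvoegsel", "Achternaam", "Status");
		echo $welcomeText;
		$usersPerPageCount = 8;  // should also come from the DB!

		// Sort column whitelist: only the lower-cased, non-empty table headers may reach
		// ORDER BY. Identifiers cannot be escaped like string values, so anything else is dropped.
		$sortColumns = array();
		foreach ($arrayTableHeaders as $header) {
			if ($header != "") {
				$sortColumns[] = strtolower($header);
			}
		}
		$sortKey = (isset($_GET['sort']) && in_array($_GET['sort'], $sortColumns, true)) ? $_GET['sort'] : "";

		// Sort direction: only "asc", "desc" or nothing.
		$requestedMethod = (isset($_GET['method']) && is_string($_GET['method'])) ? strtolower($_GET['method']) : "";
		$sortMethod = ($requestedMethod === "asc" || $requestedMethod === "desc") ? $requestedMethod : "";

		// Write the normalised values back, as the original defaults did, so code included
		// later sees the same request state.
		$_GET['sort'] = $sortKey;
		$_GET['method'] = $sortMethod;

		$orderBy = ($sortKey != "") ? "ORDER BY ".$sortKey." ".strtoupper($sortMethod) : "";

		// Offset of the first row on the requested page.
		$lowerLimit = ($page - 1) * $usersPerPageCount;
		$limit = $lowerLimit.",".$usersPerPageCount;

		if ($search != "") {
			// Escape the term once for use inside a quoted SQL string. '%' and '_' typed by
			// the user still act as LIKE wildcards, as they did before.
			$like = "'%".mysql_real_escape_string($search)."%'";
			$searchCondition = "(USERNAME_idUSERNAME like ".$like." OR voornaam like ".$like.
			                   " OR achternaam like ".$like." OR email like ".$like.
			                   " OR postcode like ".$like." OR straat_naam like ".$like.
			                   " OR woonplaats like ".$like.")";
			$whereSearch = " AND ".$searchCondition;
			$countWhereSearch = " WHERE ".$searchCondition;
		} else {
			$whereSearch = "";
			$countWhereSearch = "";
		}

		$fetchUserQuery = mysql_query("SELECT `idUSER_DATA` as 'klantnummer', `voornaam`, `tussenvoegsel`, ".
		                              "`achternaam`, `status` ".
		                              "FROM USER_DATA, USERNAME, ADRES ".
		                              "WHERE idUSERNAME = idUSER_DATA AND idADRES = ADRES_idADRES ".
		                              $whereSearch." ".
		                              $orderBy." LIMIT ".$limit);
		if (!$fetchUserQuery) {
			// Driver errors go to the log, not to the browser.
			error_log("klantoverzicht: customer query failed: ".mysql_error());
			die("Query failed, please try again later.");
		}
		echo "<div id='klant_aantal'>Aantal klanten per pagina: ".$usersPerPageCount."</div>";

		echo "<form action='klantoverzicht.php' method='get'>";
		echo "<input type='text' name='search'>";
		echo "<input type='hidden' name='test'>";
		echo "<input type='submit' name='Submit' value='Zoeken'>";
		echo "</form>";

		echo "<p>";
		echo "<table>";
		echo "<tr>";
		// Not used in this block; kept because the included footer shares this scope - TODO confirm.
		$curURL = "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
		foreach ($arrayTableHeaders as $key) {
			$key = strtolower($key);
			// Reset per column so the arrow of a previous header cannot leak into this one.
			$arrow = "";
			if ($key == $sortKey && $key != "") {
				if ($sortMethod == "asc") {
					$arrow = "&darr;";
				} else if ($sortMethod == "desc") {
					$arrow = "&uarr;";
				}
			}
			// Clicking a header cycles the direction: none -> asc -> desc -> none.
			if ($sortMethod == "asc") {
				$method = "desc";
			} else if ($sortMethod == "") {
				$method = "asc";
			} else {
				$method = "";
			}
			echo "<th><a href='klantoverzicht.php?page=".$page."&sort=".$key."&method=".$method."'>";
			echo ucfirst($key).$arrow;
			echo "</a></th>";
		}
		echo "</tr>";
		while ($row = mysql_fetch_assoc($fetchUserQuery)) {
			// Database values are stored user data: encode them for the URL and for HTML
			// before they are printed.
			$idForUrl  = urlencode((string) $row['klantnummer']);
			$idForHtml = htmlspecialchars((string) $row['klantnummer'], $escFlags);
			echo "<tr>";
			if ($row['status'] == 'act') {
				// NOTE(review): the "x" link reaches verwijderklant.php with a plain GET. If that
				// script changes data without a confirmation step or CSRF token, any page the
				// admin visits could trigger it - verify in that file.
				echo "<td><a class='edit_user' href='verwijderklant.php?id=".$idForUrl."'>x</a>&nbsp;<a href='klantdetail.php?id=".$idForUrl."'>Bekijk klant</a></td>";
			} else {
				echo "<td>&nbsp;&nbsp;<a href='klantdetail.php?id=".$idForUrl."'>Bekijk klant</a></td>";
			}
			echo "<td>".$idForHtml."</td>";
			echo "<td>".htmlspecialchars((string) $row['voornaam'], $escFlags)."</td>";
			echo "<td>".htmlspecialchars((string) $row['tussenvoegsel'], $escFlags)."</td>";
			echo "<td>".htmlspecialchars((string) $row['achternaam'], $escFlags)."</td>";
			if ($row['status'] == 'act') {
				echo "<td>Actief</td>";
			} else if ($row['status'] == 'inact') {
				echo "<td>Non-actief</td>";
			} else {
				echo "<td>Niet bekend!</td>";
			}
			echo "</tr>";
		}
		echo "</table><br><hr>";

		// Query string shared by all pagination links. urlencode() output contains no quote
		// or angle bracket, so it is safe inside the single-quoted href, and the closing
		// quote now follows the search value instead of preceding it.
		$navSuffix = "&sort=".urlencode($sortKey)."&method=".urlencode($sortMethod)."&search=".urlencode($search);

		if ($page > 1) {
			echo "<a href='?page=".($page - 1).$navSuffix."'>Vorige</a>\n";
		}
		// NOTE(review): this count runs against USER_DATA alone while the listing joins
		// USERNAME and ADRES; if a searched column lives in a joined table the count fails
		// or differs from the listing - confirm against the schema.
		$userCountQuery = mysql_query("SELECT COUNT(idUSER_DATA) FROM USER_DATA ".$countWhereSearch);
		if (!$userCountQuery) {
			error_log("klantoverzicht: count query failed: ".mysql_error());
			die("Query failed, please try again later.");
		}
		$userCount = mysql_result($userCountQuery, 0);
		if ($userCount > $usersPerPageCount) {
			// Number of pages needed; ceil() rounds up so a partly filled last page counts.
			$pagesCount = ceil($userCount / $usersPerPageCount);
			for ($i = 1; $i <= $pagesCount; $i++) {
				if ($page == $i) {
					$pageNav = "<span class='activePage'>".$i."</span>&nbsp;";
				} else {
					$pageNav = "<a href='?page=".$i.$navSuffix."'>".$i."</a>&nbsp;";
				}
				echo $pageNav;
			}
			// Offer "next" only while there is a later page.
			if ($page < $pagesCount) {
				echo "<a href='?page=".($page + 1).$navSuffix."'>Volgende</a>";
			}
		}
		echo "</p>";
		echo "</div>";
		echo "</div>";
		echo "<div class='clearthis'></div>";
		include 'include/admin_footer.php';
	}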
?>